Skip to Content
Last modified by Agnease on 2026/05/25 12:52
From version 8.6
edited by Agnease
on 2026/05/25 12:47
Change comment: There is no comment for this version
To version 2.1
edited by Agnease
on 2026/05/22 06:02
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,1 +1,1 @@
1 -XWiki Authentication and Access Control
1 +XWiki Authentication and Access Control | SSO, LDAP and Permissions
Content
... ... @@ -1,6 +1,7 @@
1 1  {{velocity}}
2 2  #set ($discard = $xwiki.ssx.use('PublicWebSite.WebHome'))
3 3  {{html clean="false"}}
4 +
4 4   ## PAGE HEADER
5 5   <section class="hero hero-centered service-hero" aria-labelledby="hero-title">
6 6   <div class="container hero-inner">
... ... @@ -12,10 +12,15 @@
12 12   <h1 id="hero-title">Secure XWiki access, authentication and permissions</h1>
13 13  
14 14   <p class="lead">
15 - Secure XWiki access with LDAP, Active Directory, SSO, OIDC, SAML, MFA, user synchronization,
16 - group management and maintainable permission policies.
16 + Configure and maintain XWiki authentication, user synchronization, group management and access rights
17 + for production environments.
17 17   </p>
18 18  
20 + <p class="hero-support">
21 + We help organizations connect XWiki with LDAP, Active Directory, SSO, OIDC, SAML or MFA, while keeping
22 + permissions understandable, maintainable and aligned with internal access policies.
23 + </p>
24 +
19 19   <div class="hero-actions">
20 20   <a class="btn btn-primary" href="$xwiki.getURL('contact.WebHome')">Discuss access control needs</a>
21 21   <a class="btn btn-secondary" href="#access-control-process">See the approach</a>
... ... @@ -22,92 +22,68 @@
22 22   </div>
23 23   </div>
24 24   </section>
25 - ## WHY ACCESS CONTROL CARDS
26 - #set ($accessControlItems = [{
27 - 'title': 'Connect users securely',
28 - 'icon': 'sign-in',
29 - 'content': 'Integrate XWiki with your identity provider so users can access the platform with familiar credentials.',
30 - 'items': [
31 - 'LDAP and Active Directory',
32 - 'OIDC, SAML and SSO',
33 - 'MFA and authentication extensions'
34 - ]
35 - },{
36 - 'title': 'Manage groups clearly',
37 - 'icon': 'users',
38 - 'content': 'Keep user and group synchronization understandable, scalable and aligned with the way permissions are used.',
39 - 'items': [
40 - 'User synchronization',
41 - 'Group mapping and filtering',
42 - 'Large directory considerations'
43 - ]
44 - },{
45 - 'title': 'Control access safely',
46 - 'icon': 'key',
47 - 'content': 'Review and structure rights so spaces, pages and applications can be maintained without accidental exposure.',
48 - 'items': [
49 - 'Wiki and page permissions',
50 - 'Admin and script rights awareness',
51 - 'Rights model cleanup'
52 - ]
53 - }])
54 54  
32 + ## WHY ACCESS CONTROL MATTERS
55 55   <section aria-labelledby="why-access-title">
56 56   <div class="container">
57 57   <h2 id="why-access-title">Access control is central to a reliable XWiki platform</h2>
36 +
58 58   <p class="section-intro">
59 59   XWiki often contains internal knowledge, procedures, project information, customer data, controlled documents
60 60   and business workflows. Authentication and permissions need to be configured carefully so users can access
61 61   what they need without exposing sensitive information or making administration too complex.
62 62   </p>
42 +
63 63   <div class="pathways">
64 - #foreach ($entry in $accessControlItems)
65 - <article class="pathway-card">
66 - <div class="card-heading">
67 - <div class="pathway-icon">
68 - <i class="fa fa-$entry.icon" aria-hidden="true"></i>
69 - </div>
70 - <h3>$entry.title</h3>
71 - </div>
72 - <p>$entry.content</p>
73 - <ul>
74 - #foreach ($item in $entry.items)
75 - <li>$item</li>
76 - #end
77 - </ul>
78 - </article>
79 - #end
44 + <article class="pathway-card">
45 + <div class="pathway-icon">
46 + <i class="fa fa-sign-in" aria-hidden="true"></i>
47 + </div>
48 + <h3>Connect users securely</h3>
49 + <p>
50 + Integrate XWiki with your identity provider so users can access the platform with familiar credentials.
51 + </p>
52 + <ul>
53 + <li>LDAP and Active Directory</li>
54 + <li>OIDC, SAML and SSO</li>
55 + <li>MFA and authentication extensions</li>
56 + </ul>
57 + </article>
58 +
59 + <article class="pathway-card">
60 + <div class="pathway-icon">
61 + <i class="fa fa-users" aria-hidden="true"></i>
62 + </div>
63 + <h3>Manage groups clearly</h3>
64 + <p>
65 + Keep user and group synchronization understandable, scalable and aligned with the way permissions are used.
66 + </p>
67 + <ul>
68 + <li>User synchronization</li>
69 + <li>Group mapping and filtering</li>
70 + <li>Large directory considerations</li>
71 + </ul>
72 + </article>
73 +
74 + <article class="pathway-card">
75 + <div class="pathway-icon">
76 + <i class="fa fa-key" aria-hidden="true"></i>
77 + </div>
78 + <h3>Control access safely</h3>
79 + <p>
80 + Review and structure rights so spaces, pages and applications can be maintained without accidental exposure.
81 + </p>
82 + <ul>
83 + <li>Wiki and page permissions</li>
84 + <li>Admin and script rights awareness</li>
85 + <li>Rights model cleanup</li>
86 + </ul>
87 + </article>
80 80   </div>
81 81   </div>
82 82   </section>
83 83  
84 84   ## COMMON NEEDS
85 - #set ($accessNeedsItems = [{
86 - 'title': 'LDAP and Active Directory integration',
87 - 'icon': 'address-book',
88 - 'content': 'Configuration, troubleshooting and optimization of LDAP/AD authentication, user creation and group synchronization.'
89 - },{
90 - 'title': 'SSO, OIDC and SAML',
91 - 'icon': 'sign-in',
92 - 'content': 'Integration with identity providers, single sign-on flows and authentication extensions used in enterprise environments.'
93 - },{
94 - 'title': 'Multi-factor authentication',
95 - 'icon': 'shield',
96 - 'content': 'MFA setup, licensing, configuration, troubleshooting and review of authentication-related user experience.'
97 - },{
98 - 'title': 'User and group synchronization',
99 - 'icon': 'users',
100 - 'content': 'Review of synchronization strategy, group mapping, large-directory behavior and performance implications.'
101 - },{
102 - 'title': 'Rights model review',
103 - 'icon': 'key',
104 - 'content': 'Review and cleanup of space, page, group and application permissions to reduce confusion and access risks.'
105 - },{
106 - 'title': 'Access-related troubleshooting',
107 - 'icon': 'warning',
108 - 'content': 'Investigation of login failures, missing users, group sync issues, unexpected permissions or denied access.'
109 - }])
110 -
111 111   <section class="services" aria-labelledby="access-needs-title">
112 112   <div class="container">
113 113   <h2 id="access-needs-title">Common authentication and access control needs</h2>
... ... @@ -118,18 +118,77 @@
118 118   </p>
119 119  
120 120   <div class="services-grid">
121 - #foreach ($entry in $accessNeedsItems)
122 - <article class="service">
123 - <div class="service-icon" aria-hidden="true">
124 - <i class="fa fa-$entry.icon"></i>
125 - </div>
103 + <article class="service">
104 + <div class="service-icon" aria-hidden="true">
105 + <i class="fa fa-address-book"></i>
106 + </div>
107 + <div class="service-body">
108 + <h4>LDAP and Active Directory integration</h4>
109 + <p>
110 + Configuration, troubleshooting and optimization of LDAP/AD authentication, user creation and group synchronization.
111 + </p>
112 + </div>
113 + </article>
126 126  
127 - <div class="service-body">
128 - <h4>$entry.title</h4>
129 - <p>$entry.content</p>
130 - </div>
131 - </article>
132 - #end
115 + <article class="service">
116 + <div class="service-icon" aria-hidden="true">
117 + <i class="fa fa-sign-in"></i>
118 + </div>
119 + <div class="service-body">
120 + <h4>SSO, OIDC and SAML</h4>
121 + <p>
122 + Integration with identity providers, single sign-on flows and authentication extensions used in enterprise environments.
123 + </p>
124 + </div>
125 + </article>
126 +
127 + <article class="service">
128 + <div class="service-icon" aria-hidden="true">
129 + <i class="fa fa-shield"></i>
130 + </div>
131 + <div class="service-body">
132 + <h4>Multi-factor authentication</h4>
133 + <p>
134 + MFA setup, licensing, configuration, troubleshooting and review of authentication-related user experience.
135 + </p>
136 + </div>
137 + </article>
138 +
139 + <article class="service">
140 + <div class="service-icon" aria-hidden="true">
141 + <i class="fa fa-users"></i>
142 + </div>
143 + <div class="service-body">
144 + <h4>User and group synchronization</h4>
145 + <p>
146 + Review of synchronization strategy, group mapping, large-directory behavior and performance implications.
147 + </p>
148 + </div>
149 + </article>
150 +
151 + <article class="service">
152 + <div class="service-icon" aria-hidden="true">
153 + <i class="fa fa-key"></i>
154 + </div>
155 + <div class="service-body">
156 + <h4>Rights model review</h4>
157 + <p>
158 + Review and cleanup of space, page, group and application permissions to reduce confusion and access risks.
159 + </p>
160 + </div>
161 + </article>
162 +
163 + <article class="service">
164 + <div class="service-icon" aria-hidden="true">
165 + <i class="fa fa-warning"></i>
166 + </div>
167 + <div class="service-body">
168 + <h4>Access-related troubleshooting</h4>
169 + <p>
170 + Investigation of login failures, missing users, group sync issues, unexpected permissions or denied access.
171 + </p>
172 + </div>
173 + </article>
133 133   </div>
134 134   </div>
135 135   </section>
Agnease.Code.SEODetailsClass[0]
metaDescription
... ... @@ -1,1 +1,0 @@
1 -XWiki authentication and access control services for SSO, LDAP, OIDC, SAML, MFA, user groups, permissions and secure enterprise access management.
metaTitle
... ... @@ -1,1 +1,0 @@
1 -XWiki Authentication and Access Control Services | Agnease